by mehrdadn 2599 days ago
Does it have the following? They're what have kept me stuck on KeePass:

- Browser integration (a single key combo unlocking & filling in passwords)

- OTP support

- SSH agent and key storage

- Entry-level (rather than file-level) synchronization

- Google Drive synchronization

- Automatic history maintenance

- Storing arbitrary additional data

- Icons (makes identifying entries so much faster)

3 comments

> - Browser integration (a single key combo unlocking & filling in passwords)

Yes.

> - OTP support

Yes.

> - SSH agent and key storage

No.

> - Entry-level (rather than file-level) synchronization

Yes.

> - Google Drive synchronization

Nope, but because it's hosted (or self-hosted) that's inapplicable.

> - Automatic history maintenance

Yes, if you're talking about password history.

> - Storing arbitrary additional data

Yes, including files.

> - Icons (makes identifying entries so much faster)

Yes.

It does have a decent browser integration, OTP support, history support (last 5 passwords), support for arbitrary additional data, and icons.

Having not read the source code, or investigated the details, my understanding is the sync is entry based over file based. On multiple occasions I lost data to KeePass's insane lack of sync functionality; I've never once done the same with Bitwarden. Google Drive sync is kind of moot as the sync happens on a server (which you can run yourself).

> my understanding is the sync is entry based over file based

> Google Drive sync is kind of moot as the sync happens on a server

Confused, so are you saying there is a server that does entry-based syncing? With KeePass, it's the KeePass client that resolves conflicts at the entry level with whatever is on Google Drive (which it connects to via plugins).

Apologies, I spoke too quickly. I'm unable to edit my original post to fix it.

The sync is client side according to [0]. I can't find specifics in any documentation on whether it works at an entry or file level; however, I wonder, is that actually important? Just because you sync at a file granularity doesn't mean you can't resolve entries individually.

My experience with KeePass was that my changes would get stuck in a conflict file that Dropbox would generate if you happened to use KeePass in 2 places at once, as they don't support syncing and force you to manually go through [1] on every device.

[0] https://help.bitwarden.com/article/how-is-data-securely-tran...

[1] https://gist.github.com/cmcginty/07869f3c6c27ecb0fef84ca7900...

I was using "syncing" and "resolving" synonymously. What I was distinguishing between was keeping the most recent file (which is what happens if you use typical cloud syncing for the whole database file) vs. the most recent entry in a given file (which is what you get when KeePass itself gets a chance to actually examine both versions and figure out conflicts internally).

I can't figure out how the KeePass (or the plugin you use, or whatever it is) was handling your Dropbox syncing; it sounds like it was doing a dumb file-level merge, when in fact it's capable of doing much better than that. I use the Google Sync Plugin which has never failed me, even when I'd modified databases on two clients independently before syncing. It uses the ImportUtil.Synchronize() function which I think is what handles the dirty details. See the Technical Details section here: https://keepass.info/help/v2/sync.html
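The distinction drawn in the comment above (newest file wins vs. newest entry wins), as an added Python example that is not part of the thread and is not KeePass or Bitwarden code. It is a simplified model in which each entry carries its own modification time; the `Entry` class and the function names are hypothetical, the sample data is constructed, and deletions are not modeled.

```python
from dataclasses import dataclass, field

@dataclass
class Entry:
    password: str
    mtime: int                      # last-modification time of this entry
    history: list = field(default_factory=list)

def file_level_sync(a, a_saved, b, b_saved):
    """Whole-file sync: the most recently saved database replaces the other."""
    return a if a_saved >= b_saved else b

def entry_level_sync(a, b):
    """Per-entry merge: keep the newer copy of each entry, archive the older."""
    merged = {}
    for uid in a.keys() | b.keys():
        ea, eb = a.get(uid), b.get(uid)
        if ea is None or eb is None:
            # Entry exists on one side only: carry it over unchanged.
            src = ea if ea is not None else eb
            merged[uid] = Entry(src.password, src.mtime, list(src.history))
            continue
        new, old = (ea, eb) if ea.mtime >= eb.mtime else (eb, ea)
        hist = list(new.history)
        if old.password != new.password and old.password not in hist:
            hist.append(old.password)   # the losing version stays recoverable
        merged[uid] = Entry(new.password, new.mtime, hist)
    return merged

def demo():
    # Constructed sample: both clients start from the same database at t=100.
    laptop = {"mail": Entry("old-mail", 100), "bank": Entry("old-bank", 100)}
    phone = {"mail": Entry("old-mail", 100), "bank": Entry("old-bank", 100)}
    laptop["mail"] = Entry("new-mail", 200)   # edited on the laptop
    phone["bank"] = Entry("new-bank", 300)    # edited on the phone
    phone["wifi"] = Entry("new-wifi", 310)    # added on the phone, file saved at 310
    by_file = file_level_sync(laptop, 200, phone, 310)
    by_entry = entry_level_sync(laptop, phone)
    return by_file, by_entry
```

In the file-level result the laptop's `mail` change is gone because the phone's file was saved later; the entry-level result keeps all three changes and records the superseded passwords in each entry's history.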

> What I was distinguishing between was keeping the most recent file vs. the most recent entry in a given file

Sure! (sorry, have finally had my morning coffee). I believe that Bitwarden handles it correctly via "live sync" [0], albeit it's been a transparent process to me. I've generated logins on my mobile, and logged into them within 30s via the browser extensions on my desktop PC.

> I can't figure out how the KeePass (or the plugin you use, or whatever it is) was handling your Dropbox syncing; it sounds like it was doing a dumb file-level merge

It was, and it was excruciating. However, this is one of the issues I have with KeePass - it may be possible to do better, but the default behaviour is abhorrent.

From the link you gave, it explicitly calls out the issue in "advanced" synchronisation schemes under "Local <-> Master" [1]. If you don't correctly follow the setup steps you can end up with [2] which can (and does) result in data loss. The (as far as I can tell) official forums seem to be happy to pass the buck [3] and say "Oh that's not our problem, that's the sync service's problem".

> I use the Google Sync Plugin which has never failed me

I don't doubt that for a minute, but for someone migrating from LastPass/OnePass to KeePass, searching for "How to sync keepass across machines" will _never_ point you to the Google Sync Plugin.

[0] https://blog.bitwarden.com/live-sync-bitwarden-apps-fb7a5456...

[1] https://keepass.info/help/kb/trigger_examples.html#dbsync

[2] https://sourceforge.net/p/keepass/discussion/329221/thread/2...

[3] https://sourceforge.net/p/keepass/discussion/329221/thread/9...

> I believe that Bitwarden handles it correctly via "live sync"

That looks cool!

Re: your other comments though: you're not doing a fair comparison. Try letting Dropbox trash your %AppData%\Bitwarden folder and then let me know how well LiveSync handles syncing! That's what you're doing to KeePass.

> However, this is one of the issues I have with KeePass - it may be possible to do better, but the default behaviour is abhorrent.

This isn't the "default behavior" though. The default behavior is in fact to synchronize everything correctly... if you only give it a chance to do that. But if you insist on letting your Dropbox desktop sync pull the rug out from underneath KeePass and replace the whole database randomly, it's literally impossible for KeePass to know what the old entries were to be able to merge them -- it doesn't have them anymore. It needs an old copy of the database around so it can compare the two, and those instructions tell you to make a second copy so it can do its job. That seems pretty fair to me -- what more can you expect? You didn't even give it a chance to do its job, and instead let someone else just trash the place while it's gone, then blame it for not actively fighting your attempts to do that?

This is why KeePass has plugins like KeeAnywhere [1]. You're supposed to use those instead of syncing your database like a normal file. [2] So KeePass actually gets a chance to do its job... if you only let it!

[1] https://keepass.info/plugins.html#keeanywhere

[2] Well, KeePassX[C] folks will beg to differ and just tell you to keep doing what you were already doing and it'll work Just Fine (TM), and that what you were seeing happening in front of your eyes was supposed to be vanishingly unlikely. It's basically gaslighting as far as I can tell, but somehow they can pretend it doesn't affect them, so I dunno...

It has browser integration, but it has a client-server model, so there is nothing to sync with gdrive or Dropbox. So it's more like LastPass than KeePass.

You can host your own server and there is at least one alternative server implementation.